The chief executive of alcohol delivery app Drizly is set to come under a decadelong requirement imposed by the U.S. Federal Trade Commission to ensure whatever company he oversees has an information security program. A hacker stole customer records of 2.5 million individuals from Drizly in 2020.
In the latest weekly update, ISMG editors discuss the implications of the former Uber CSO's guilty verdict for the rest of the industry, the growing problem of keyless car theft, and the latest progress toward a passwordless future revealed at the annual FIDO Alliance conference.
If remote access to corporate networks is only as secure as the weakest link, only some dreadfully weak passwords now stand between hackers and many organizations' most sensitive data, according to new research from Rapid7 into the two most widely used remote access protocols - SSH and RDP.
Organizations can improve security with modern authentication protocols, but the big message to the marketplace is that FIDO Passkeys give customers more convenience and deliver a consistent user experience, according to panelists on the final day of FIDO Alliance's Authenticate 2022 Conference.
Fraudsters are using tried-and-true tactics such as check washing as well as Zelle scams and a host of insider threats to scam banks and their customers. Frank McKenna, chief fraud strategist at Point Predictive and author, explains why fraud is on the rise and the steps banks can take to stop it.
The latest edition of the ISMG Security Report discusses how Russian-speaking ransomware gangs have their eyes on a new target, offers the latest on Australia's data security reckoning and the government’s response, and outlines emerging trends in customer identity and access management.
In Part 2 of this video series, CyberEdBoard member Andrew Abel, a cybersecurity and zero trust consultant, and Chase Cunningham, CSO at Ericom Software, explain why organizations need to think about identities in the context of humans and nonhumans, their roles and their risks.
Multifactor authentication needs to move away from one-time passwords sent via text message and embrace modern standards that prevent man-in-the-middle attacks. Plus, excessive identity challenges online lead to 20% of e-commerce transactions being abandoned, say experts at Authenticate 2022.
Multifactor authentication was supposed to be the standard, but the sharp rise in highly successful MFA bypass attacks shows the industry needs to go further in verifying identities. Keynote speakers at Authenticate 2022 said the future of passwordless technology could answer this latest threat.
It’s no secret—hackers are after your passwords. Year after year, credential theft continues to be a top attack vector, yet organizations struggle to secure their credentials. Internal and external users risk being compromised when their passwords are shared, improperly stored, or used across multiple accounts and...
Over half of organizations have made changes to their cybersecurity structure over the last two years in response to this shift in business environments, but it’s barely moved the needle. The number of cyberattacks has increased, specifically through third-party vendor access, and businesses are failing to take...
Perennial leaders ForgeRock, Ping Identity and IBM, along with a surging Okta, set themselves apart from the pack of CIAM vendors in the latest report by KuppingerCole analysts. Ping Identity leapfrogged ForgeRock to capture the gold in product leadership, and IBM once again took the bronze.
Since credential leaks are so common in cybersecurity incidents and breaches, how is it even possible to protect identities? Corey Nachreiner of WatchGuard Technologies shares strategies for how enterprises can upgrade their approach to identity security.
"Good enough" security used to be just that for many boards and senior leaders. But in today's dynamic threat landscape, where digital identities are under siege, the concept of identity security has risen to be a business essential. Matt Mills of SailPoint tells why this is a game-changer.
The latest ISMG Security Report examines whether banks should be held liable for the rapidly increasing Zelle fraud problem, explores the latest M&A activity among IAM vendors, and discusses the implications of the new legal framework for personal data transfers between the U.S. and Europe.